File cronie-1.4.11-pam_env.patch of Package cronie.10664

From c8e7d1b43c86a85441cb09cf7e08090f3ec1f384 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Fri, 16 Aug 2013 18:05:55 +0200
Subject: Pull PAM environment variables also from session modules.

- also fix memory leak of environment returned by pam_getenvlist()

diff --git a/src/security.c b/src/security.c
index c5fbc5e..4eee004 100644
--- a/src/security.c
+++ b/src/security.c
@@ -129,15 +129,13 @@ int cron_set_job_security_context(entry *e, user *u ATTRIBUTE_UNUSED,
 	}
 #endif
 
-	*jobenv = build_env(e->envp);
-
 #ifdef WITH_SELINUX
 	/* we must get the crontab context BEFORE changing user, else
 	 * we'll not be permitted to read the cron spool directory :-)
 	 */
 	security_context_t ucontext = 0;
 
-	if (cron_get_job_range(u, &ucontext, *jobenv) < OK) {
+	if (cron_get_job_range(u, &ucontext, e->envp) < OK) {
 		log_it(e->pwd->pw_name, getpid(), "ERROR",
 			"failed to get SELinux context", 0);
 		return -1;
@@ -165,6 +163,8 @@ int cron_set_job_security_context(entry *e, user *u ATTRIBUTE_UNUSED,
 		return -1;
 	}
 
+	*jobenv = build_env(e->envp);
+
 	time_t job_run_time = time(0L);
 
 	if ((minutely_time > 0) && ((job_run_time / 60) != (minutely_time / 60))) {
@@ -615,11 +615,18 @@ int crontab_security_access(void) {
 */
 static char **build_env(char **cronenv) {
 #ifdef WITH_PAM
-	char **jobenv;
-	char **pamenv = pam_getenvlist(pamh);
+	char **jobenv = pam_getenvlist(pamh);
 	char *cronvar;
 	int count = 0;
-	jobenv = env_copy(pamenv);
+
+	if (jobenv == NULL) {
+		jobenv = env_init();
+		if (jobenv == NULL) {
+			log_it("CRON", getpid(),
+				"ERROR", "Initialization of cron environment variables failed", 0);
+			return NULL;
+		}
+	}
 
 	/* Now add the cron environment variables. Since env_set()
 	 * overwrites existing variables, this will let cron's
-- 
cgit v0.10.2
openSUSE Build Service is sponsored by